Details
Alert ID 10052
Alert Type Passive
Status release
Risk Medium
CWE 532
WASC 13
Technologies Targeted All
Tags CWE-532
OWASP_2017_A03
OWASP_2021_A04
POLICY_PENTEST
POLICY_QA_STD
SYSTEMIC
WSTG-V42-INFO-05
More Info Scan Rule Help

Summary

The server is leaking information through the X-ChromeLogger-Data (or X-ChromePhp-Data) response header. The content of such headers can be customized by the developer, however it is not uncommon to find: server file system locations, vhost declarations, etc.

Solution

Disable this functionality in Production when it might leak information that could be leveraged by an attacker. Alternatively ensure that use of the functionality is tied to a strong authorization check and only available to administrators or support personnel for troubleshooting purposes not general users.

Other Info

The following represents an attempt to base64 decode the value: {"version":"4.0","columns":["label","log","backtrace","type"],"rows":[["request","Matched route \"app_security_login\" (parameters: \"_controller\": \"BackEnd\\AppBundle\\Controller\\SecurityController::loginAction\", \"_route\": \"app_security_login\")","unknown","info"],["security","Populated SecurityContext with an anonymous Token","unknown","info"]],"request_uri":"\/login"}

References

Code

org/zaproxy/zap/extension/pscanrules/XChromeLoggerDataInfoLeakScanRule.java